Microsoft Edge Chromium vulnerabilities

205 known vulnerabilities affecting microsoft/edge_chromium.

Total CVEs

205

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL11HIGH97MEDIUM90LOW7

Vulnerabilities

Page 5 of 11

CVE-2023-36024HIGHCVSS 7.1fixed in 118.0.2088.102fixed in 119.0.2151.582023-11-10

CVE-2023-36024 [HIGH] CWE-269 CVE-2023-36024: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

nvd

CVE-2023-36014HIGHCVSS 7.3fixed in 119.0.2151.582023-11-10

CVE-2023-36014 [HIGH] CWE-94 CVE-2023-36014: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

nvd

CVE-2023-36027MEDIUMCVSS 6.3fixed in 118.0.2088.102fixed in 119.0.2151.582023-11-10

CVE-2023-36027 [MEDIUM] CVE-2023-36027: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

nvd

CVE-2023-36409MEDIUMCVSS 6.5fixed in 118.0.2088.462023-11-07

CVE-2023-36409 [MEDIUM] CVE-2023-36409: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

nvd

CVE-2023-36034HIGHCVSS 7.3fixed in 118.0.2088.88fixed in 119.0.2151.442023-11-03

CVE-2023-36034 [HIGH] CWE-416 CVE-2023-36034: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

nvd

CVE-2023-36022MEDIUMCVSS 6.6fixed in 118.0.2088.88fixed in 119.0.2151.442023-11-03

CVE-2023-36022 [MEDIUM] CWE-94 CVE-2023-36022: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

nvd

CVE-2023-44323MEDIUMCVSS 5.5fixed in 118.0.2088.762023-10-30

CVE-2023-44323 [MEDIUM] CWE-416 CVE-2023-44323: Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerabi Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

nvd

CVE-2023-36559MEDIUMCVSS 4.2fixed in 118.0.2088.462023-10-13

CVE-2023-36559 [MEDIUM] CVE-2023-36559: Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability

nvd

CVE-2023-5217HIGHCVSS 8.8KEVv116.0.5845.229v117.0.5938.1322023-09-28

CVE-2023-5217 [HIGH] CWE-787 CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1 Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

nvd

CVE-2023-36735CRITICALCVSS 9.6fixed in 117.0.2045.312023-09-15

CVE-2023-36735 [CRITICAL] CWE-416 CVE-2023-36735: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

nvd

CVE-2023-36562HIGHCVSS 7.1fixed in 117.0.2045.312023-09-15

CVE-2023-36562 [HIGH] CWE-416 CVE-2023-36562: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

nvd

CVE-2023-36727MEDIUMCVSS 6.1fixed in 117.0.2045.312023-09-15

CVE-2023-36727 [MEDIUM] CVE-2023-36727: Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability

nvd

CVE-2023-4863HIGHCVSS 8.8KEVfixed in 116.0.1938.812023-09-12

CVE-2023-4863 [HIGH] CWE-787 CVE-2023-4863: Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

nvd

CVE-2023-4762HIGHCVSS 8.8KEVfixed in 116.0.1938.762023-09-05

CVE-2023-4762 [HIGH] CWE-843 CVE-2023-4762: Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute a Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

nvd

CVE-2023-36741HIGHCVSS 7.5fixed in 116.0.1938.622023-08-26

CVE-2023-36741 [HIGH] CWE-416 CVE-2023-36741: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

nvd

CVE-2023-36787HIGHCVSS 8.8fixed in 116.0.1938.542023-08-21

CVE-2023-36787 [HIGH] CWE-416 CVE-2023-36787: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

nvd

CVE-2023-38158LOWCVSS 3.1fixed in 116.0.1938.542023-08-21

CVE-2023-38158 [LOW] CWE-200 CVE-2023-38158: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

nvd

CVE-2023-38157MEDIUMCVSS 6.5fixed in 115.0.1901.2002023-08-07

CVE-2023-38157 [MEDIUM] CWE-693 CVE-2023-38157: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

nvd

CVE-2023-38187MEDIUMCVSS 6.5fixed in 115.0.1901.1832023-07-21

CVE-2023-38187 [MEDIUM] CWE-269 CVE-2023-38187: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

nvd

CVE-2023-35392MEDIUMCVSS 4.7fixed in 115.0.1901.1832023-07-21

CVE-2023-35392 [MEDIUM] CWE-290 CVE-2023-35392: Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability

nvd

← Previous5 / 11Next →